TY - JOUR
T1 - PCPOR
T2 - Public and constant-cost proofs of retrievability in cloud
AU - Yuan, Jiawei
AU - Yu, Shucheng
N1 - Publisher Copyright:
© 2015-IOS Press and the authors.
PY - 2015/7/2
Y1 - 2015/7/2
N2 - For data storage outsourcing services, it is important to allow users to efficiently and securely verify that cloud storage servers store their data correctly. To address this issue, a number of Proof of Retrievability (POR) and Proof of Data Possession (PDP) schemes have been proposed wherein servers must prove to a verifier that data are stored correctly. While existing POR and PDP schemes offer decent solutions addressing various practical issues, they either have non-trivial (linear or quadratic) communication and computational complexity, or only consider private verification. In this paper, we propose the first POR scheme with public verifiability, constant communication and computational costs on users. In our scheme, messages exchanged between cloud servers and users are composed of a constant number of group elements and random numbers; computational tasks required on users are also constant; batch auditing of multiple tasks is also efficiently supported. We achieved these by a unique design based on our novel polynomial-based authenticators. Extensive experiments on Amazon EC2 cloud and different client devices (contemporary and mobile devices) show that our design allows a user to audit the integrity of a file of any size with a constant computational cost of 150 ms on PC (2.11 s on mobile device) and a communication cost of 2.34 kB for 99% error detection probability when employing an erasure coding with 1% fault tolerance rate. We prove the security of our scheme based on the Computational Diffie-Hellman problem, the t-Strong Diffie-Hellman problem and the Static Diffie-Hellman problem.
KW - Integrity checking
KW - cloud storage
KW - public verification
UR - http://www.scopus.com/inward/record.url?scp=84936746627&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84936746627&partnerID=8YFLogxK
U2 - 10.3233/JCS-150525
DO - 10.3233/JCS-150525
M3 - Article
AN - SCOPUS:84936746627
SN - 0926-227X
VL - 23
SP - 403
EP - 425
JO - Journal of Computer Security
JF - Journal of Computer Security
IS - 3
ER -